<?

/*
*
*   Excalibur Content Management System
*   Copyright © 2008 Egor "Sontan" Kuryanovich
*
*   Based on Explay Engine v2.0 by Golovdinov Alexander
*
*   Official site: www.excms.ru
*   Contact e-mail: support@excms.ru
*
*   GNU General Public License original source:
*   http://www.gnu.org/licenses/gpl-3.0.html
*
*/


// Response headers: the comment fragment is UTF-8 HTML and carries per-user
// state, so it is marked as not cacheable.
header('Content-type: text/html; charset=utf-8');  
header('Cache-Control: no-cache');

// Engine marker; presumably tested by the included engine files to refuse
// direct access — the check itself is not in this file.
$EXCMS = 'work';

// All notices/warnings are silenced for the whole request. This is a
// production setting, but it also hides real failures (a missing include,
// a fatal in a helper) without any log trail.
error_reporting (0);

// Site settings ($server, $dbusername, ...) and the DB wrapper.
include $_SERVER['DOCUMENT_ROOT'].'/engine/settings.php';
include $_SERVER['DOCUMENT_ROOT'].'/engine/mysql.class.php';
$db = new DB($server, $dbusername, $dbpassword, $dbname);
$db->connect();

// Global site configuration (theme name etc.) — first row of site_main.
// Without it nothing below can render, so fail loudly and stop.
$mainsettings = $db->query ("SELECT * FROM site_main");
if (!$mainsettings) 
{ 
	print "<center><b>Невозможно взять данные из БД!<br>Обратитесь к администратору сайта!</b>"; 
	exit; 
}
$SITE = $db->fetch_array ($mainsettings);

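// Cookie-based re-authentication. Every request re-validates the "login"
// and "pass" cookies against the users table; "false" appears to be the
// value the (external) login/logout code stores for "no cookie".
// NOTE(review): the cookie value is compared directly with user_password,
// so whatever that column holds also sits in the browser as a long-lived
// credential. A random server-side session token would be the proper
// replacement; not changed here because the code that writes the cookie
// lives outside this file.
$GLOBAL_USER = null;
if (isset($_COOKIE['login']) && isset ($_COOKIE['pass']) && $_COOKIE['login'] !== "false" && $_COOKIE['pass'] !== "false") {
	// addslashes() is the only escaping this DB layer offers; it is kept for
	// the login, which still has to reach SQL. The password value is no
	// longer interpolated into the query at all (compared in PHP below),
	// which removes one injection point entirely.
	$GLOBAL_USER_LOGIN = addslashes($_COOKIE['login']);
	$GLOBAL_USER_PASS = addslashes($_COOKIE['pass']);
	if ($GLOBAL_USER_LOGIN != "" && $GLOBAL_USER_PASS != "") {
		$SELECT_USER = $db->query ("SELECT * FROM ".DB_PEREFIX."_users WHERE user_login = '$GLOBAL_USER_LOGIN'");
		// The original called num_rows() even when the query had not run
		// (empty login or password), dereferencing an undefined variable;
		// the check now lives inside the guarded branch.
		if ($SELECT_USER && $db->num_rows ($SELECT_USER) == 1) {
			$candidate = $db->fetch_array ($SELECT_USER);
			$stored = (string) $candidate['user_password'];
			$given  = (string) $_COOKIE['pass'];
			// Exact comparison in PHP, constant-time where available.
			// This is stricter than the former SQL "=", which follows the
			// column collation and may be case-insensitive. hash_equals()
			// needs PHP 5.6, hence the fallback.
			$matches = function_exists('hash_equals') ? hash_equals($stored, $given) : ($stored === $given);
			if ($matches) {
				$GLOBAL_USER = $candidate;
			}
		}
	}
}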

// Helper functions (is_registered, is_admin, add_comment, ...) and the
// template engine; the theme directory comes from the site_main row.
include $_SERVER['DOCUMENT_ROOT'].'/engine/functions.php';
include $_SERVER['DOCUMENT_ROOT'].'/engine/templates.class.php';
$theme_dir = $_SERVER['DOCUMENT_ROOT']."/themes/{$SITE['site_theme']}/";
$template = new template ($theme_dir);

// Template role derived from the authenticated user's group. Mind the
// naming: a logged-in member is "register", an anonymous visitor is "user".
$group = isset($GLOBAL_USER['user_group']) ? $GLOBAL_USER['user_group'] : '';
switch ($group) {
	case "user":  $template->user = "register"; break;
	case "admin": $template->user = "admin";    break;
	default:      $template->user = "user";
}
include $_SERVER['DOCUMENT_ROOT']."/engine/templates.php";

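// Comment actions. Everything is POST-driven and requires a logged-in user
// (is_registered) plus the (module, id) pair that identifies the thread.
// NOTE(review): no CSRF token is checked anywhere in this handler, so a
// cross-site POST riding on a logged-in admin's cookies can delete a whole
// comment chain. A per-session token verified before the branches below is
// needed; not added here because no session/token facility is visible.
if (is_registered() && isset($_POST['id']) && isset($_POST['module'])) 
{
	// addslashes() is the only escaping this DB layer offers; $module still
	// reaches SQL and the "/$module/$id.html" path as a string.
	$module = addslashes ($_POST['module']);
	$id = intval ($_POST['id']);
	
	// A reply was posted: accept it only if the parent still exists in this
	// same thread. The original checked existence by id alone, so a parent
	// from any other module/id was accepted; the filter now matches the one
	// the deletion branch uses to enumerate a thread. COUNT(*) replaces the
	// former SELECT * + num_rows (the FIXME in the original).
	if (isset($_POST['parent']) && isset($_POST['com_body'])) 
	{
		$parent_id = intval ($_POST['parent']);
		$count_q = $db->query ("SELECT COUNT(*) FROM ".DB_PEREFIX."_comments WHERE com_id = '$parent_id' AND com_category = '$module' AND com_idi = '$id'");
		list($parent_exists) = $count_q ? $db->fetch_row ($count_q) : array (0);
		if ((int) $parent_exists == 1) 
		{
			// The body is handed over unescaped; storage/output escaping has
			// to happen in add_comment (not visible here). NOTE(review): the
			// parent id is not passed either — presumably add_comment reads
			// $_POST['parent'] itself; confirm.
			add_comment ('', '', $_POST['com_body'], $module, $id, '');
		}
		else 
		{
			// Parent is gone (deleted meanwhile) or belongs to another thread.
			site_error ('Чертовщина какая-то! Этот комментарий был только что тут!');
		}
	}
	
	// Admin-only: delete a comment together with all of its descendants.
	if (isset($_POST['delete']) && is_admin() && isset($_POST['comment'])) 
	{
		$comment_id = intval($_POST['comment']);
		$del = $db->query ("DELETE FROM ".DB_PEREFIX."_comments WHERE com_id = '$comment_id'");
		if ($del) 
		{
			// Remaining comments of this thread as parent id => [child ids].
			$get = $db->query ("SELECT com_id, com_parent FROM ".DB_PEREFIX."_comments WHERE com_category = '$module' AND com_idi = '$id'");
			$children = array ();
			if ($get)
			{
				while (list($the_id, $parent) = $db->fetch_row ($get)) $children[$parent][] = $the_id;
			}
			// A root without replies has no map entry; the original indexed
			// the map unconditionally and handed null to delete_com.
			if (isset($children[$comment_id])) delete_com ($children[$comment_id], $children);
			site_message ('Цепочка комментариев удалена!');
		}
		else 
			site_error ('Произошла некая ошибка!');
	}
	
	print_comments ($module, $id, "/$module/$id.html");
}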

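/**
 * Recursively delete a set of comments and all of their descendants.
 *
 * @param array $arr    ids of the comments to delete at this level
 * @param array $array  parent id => list of child ids, for the whole thread
 *
 * Uses the global $db. The original recursed through a function named
 * delete_comment, which this file does not define; identical arguments and
 * intent make it a typo for delete_com — and with error_reporting(0) the
 * resulting fatal error would silently stop the deletion after the first
 * level of replies. Ids are cast to int before being interpolated into SQL,
 * so the query cannot be influenced even if the map ever holds raw strings.
 */
function delete_com ($arr, $array) 
{
	global $db;
	// The caller may hand over a missing map entry (no children).
	if (!is_array ($arr)) return;
	foreach ($arr as $comment) 
	{
		$comment = intval ($comment);
		$db->query ("DELETE FROM ".DB_PEREFIX."_comments WHERE com_id = '$comment'");
		if (isset($array[$comment])) delete_com ($array[$comment], $array);
	}
}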
